On Sun, 26 May 2002, Ben Laurie wrote:
3) open /dev/random in non-blocking mode and defer EAGAIN reads until later (read it at startup; if it would block, try again when the entropy is actually needed, failing if it isn't ready by then -- no idea if this would even work).
Grr. We keep going around this loop - there isn't a "one size fits all" answer to the problem.
Okay, fair enough. Patch withdrawn. What do you think of option #3? Perhaps not fail, but defer the blocking read?
Sounds better to me.
What about a --with-devrandom=<path> option for people who do want to go the /dev/urandom route?
Surely it's configurable anyway? Changing the default strikes me as something that will bite you if you aren't careful!
Cheers,
Ben.
-- http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff
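
Option #3 from the thread (non-blocking read at startup, deferred read at first use), as an added example that is not code from this thread or from the project it concerns. The names `seed_start`, `seed_finish` and `SEED_LEN` are hypothetical, and the functions take an already opened descriptor, which in the case discussed would be `/dev/random`.

```c
#include <errno.h>
#include <fcntl.h>
#include <stddef.h>
#include <unistd.h>

#define SEED_LEN 32               /* hypothetical seed size */

struct seed {
    int fd;                       /* entropy source */
    unsigned char buf[SEED_LEN];
    size_t have;                  /* bytes gathered so far */
};

/* Read until buf is full. Returns 1 when full, 0 if the source would
 * block (non-blocking mode only), -1 on EOF or a hard error. */
static int seed_fill(struct seed *s)
{
    while (s->have < SEED_LEN) {
        ssize_t n = read(s->fd, s->buf + s->have, SEED_LEN - s->have);
        if (n > 0) { s->have += (size_t)n; continue; }
        if (n < 0 && errno == EINTR) continue;
        if (n < 0 && (errno == EAGAIN || errno == EWOULDBLOCK)) return 0;
        return -1;
    }
    return 1;
}

/* Startup: switch fd to non-blocking and take what is there now.
 * A return of 0 means "short, try again when entropy is needed". */
int seed_start(struct seed *s, int fd)
{
    int fl = fcntl(fd, F_GETFL);
    if (fl < 0 || fcntl(fd, F_SETFL, fl | O_NONBLOCK) < 0) return -1;
    s->fd = fd;
    s->have = 0;
    return seed_fill(s);
}

/* First real use: complete the deferred read, keeping partial progress.
 * block=0 fails if the pool is still dry; block=1 waits for it. */
int seed_finish(struct seed *s, int block)
{
    int fl = fcntl(s->fd, F_GETFL);
    if (fl < 0) return -1;
    fl = block ? (fl & ~O_NONBLOCK) : (fl | O_NONBLOCK);
    if (fcntl(s->fd, F_SETFL, fl) < 0) return -1;
    return seed_fill(s) == 1 ? 1 : -1;
}
```

`block=0` is the "fail if it isn't ready by then" variant and `block=1` is the "defer the blocking read" variant from the replies.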
